
Another OSCP review

Introduction and background

What is this? Another boring post on OSCP?
Yup.

The material

As you may already know, after you complete the order you receive the material from OffSec:

  • A 400 page PDF that guides you through the pentesting process.
  • ~8h of video material; the content does not totally overlap with the PDF, and I strongly advise you to study both.
  • A VMware virtual machine with an installation of Kali (32-bit); this machine contains every tool you'll ever need in order to survive the labs and pass the exam. You'll be grateful that the VM has an x86 arch.

I don't know how to express how much I liked the material.
I mean, there are tons of books/courses on the internet that are bigger in terms of covered topics and depth, but the way in which the material is covered is so essentialist and minimalist that it is applicable to nearly every situation.
Let me explain this: I really don't care if you teach me how to exploit a SQL Injection using five different tools, I do care about the concept behind those techniques.
Offensive Security did a pretty damn good job at explaining the concepts under the hood of the most common attacks and techniques.

Some may argue that the provided material is not enough to pass the exam, and that is totally true. You'll need to put a lot of effort and individual research in order to accomplish your goal.

The labs

Let's dive into the most interesting part of the course, the LABS!
The structure of the labs is very simple: you start your testing in the public network, where most of the machines are.
From the public network you can pivot to other subnets, the IT network and the DEV network. This can be accomplished in multiple ways, no spoilers ;)
The labs are very challenging, I was not used to chaining multiple exploits together in order to get only a limited shell!
Some machines like Sufferance left a scar on my face and changed my approach radically.

The exam

Ahh, the dreaded exam!
I'm gonna tell you my story, it's quite funny.
I was obviously very anxious about the exam, I read a lot of reviews and blog posts and I knew that it wasn't going to be easy.
During a pre-exam crisis, I rescheduled the exam THREE TIMES in about 20 minutes!
For those who don't know, you can reschedule your exam up to three times, and I burned them all in a matter of seconds.
Last but not least, I also had a very important exam at the University three days before the OSCP (Theoretical Computer Science, not the funniest subject). I thought that it was the end, a double fail.
Luckily the University exam went very very well and I was so happy that I didn't care about the OSCP at all.
That was my luck!
On the exam day I was so relaxed that I was able to finish in about 7 hours.
I'm not going to spoil anything about the number of machines etc.; you can find a lot of other blog posts about that.

I sent the report (about 50 pages) and Saturday night I received the email that officially declared me as an OSCP.

After 5 hours and too much vodka-redbull, I still couldn't believe that I made it.

The key points at the exam to keep in mind are:

  1. Enumerate
  2. Stay relaxed
  3. Don't stay too relaxed, time flies
  4. Be prepared, 10 machines in the labs are not enough if you are a beginner
  5. Reward yourself when you pwn a machine
  6. Have fun, if you fail having fun, it's not failing.